The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

5th November 2012 was the most exciting day in Cyberspace, yesterday we have report about few major hacks and leaks including Hacking of ImageShack Server , thousands of researchers database leak from Symantec portal, then  NBC Sports Rotoworld forums and NBC Mobile site was defaced by pyknic hacker and a claim that user names and passwords for the site had been compromised, Anonymous leaks the VMware ESX Server Kernel source code online , numerous Australian sites, and the Organization for Security and Cooperation in Europe. The Guy Fawkes Day start with the hack of  28,000 Paypal Accounts. AnonymousPress tweeted , " Paypal hacked by Anonymous as part of our November 5th protest privatepaste.com/e8d3b2b2b1 #5Nov " (File Removed now) Private Paste documents contained 27,935 entries from Paypal database table “ mc_customers ” including emails, names, passwords (encrypted) and corresponding telephone numbers. However acc...

Hackers hack into ImageShack server and expose all the files online, moreover Antivirus Company Symantec's portal also hacked by them and complete database of all 1000's of researchers dumped in a pastebin File. One of the hacker behind this hack avilable on twitter at  @ Doxbin . Hacker expose content of few most important files of the server, like /etc/passwd ,  /etc/shadow , Content list of ImageShack Web directory (/home/image/www) and many more. Hacker claimed to use some zero day vulnerability in order to get into the server. Whereas in  Symantec case, hackers leak complete database from online portal. Database information includes Phone numbers, email, domain, password, Name, Username etc. According to Hackers write up that exploit unknown zero-day bug of ZPanel used by Symantec to get into server. In same operation, hackers target  CrytoCC website (http://kerpia.cryt...

Mobile version of Official NBC website (m.nbc.com) and NBC Sports Rotoworld forums (forums.rotoworld.com) are currently defaced with a message reading " hacked by pyknic ." and " Remember, Remember The Fifth of November, The Gunpowder Treason and Plot. I know of no reason why the gunpowder treason should ever be forgot. " Hacker also claim that "user info" and "passwords" had been exposed, but yet there is no note about the dumped database location. We will update the article, once after receiving more information about the hack. Stay Tuned.

Cross Site Scripting (XSS) is currently the most common vulnerability in the world. This is vulnerability of some host which allows anyone to inject code/scripts into the page. The injected scripts could be html tags, javascript script, vbscript scripts. A Hacker with virtual name ' Human mind cracker ' expose similar v ulnerabilities in some big and Important sites, like  Israel airline, Myspace, MTV website, Sweden government, Bangladesh bank, Nasa subdomain, Brown University, Afghanistan government website and Rome government website. In a pastebin note , hacker disclose the vulnerabilities and exact working links. These Cross Site Scripting existence is because of the lack of filtering engines to user inputs at websites, forms and web servers. Most of the time readers thinks that XSS is a very minor bug and having very less impact. But if implemented in a better way, that can ...

India is set to take steps to protect its cyber infrastructure and designate agencies for carrying out offensive cyber attacks on other countries. Indian Government announce the appointment of   first coordinator for The National cyber security agency. Mr. Gulshan Rai , who presently heads the Indian Computer Emergency Response Team (CERT-IN), will be the first coordinator. The move comes at a time when proof shows countries launching cyber attacks not only for intelligence gathering and many nations describing the attacks as an act of war. " The plan is in final stages with certain legal issues being clarified. Among the issues are some objections to the legal powers of the proposed National Critical Information Infrastructure Protection Centre (NCIPC), a command-and-control centre for monitoring the critical infrastructure. NCIPC is to be managed by the technical intelligence agency NTRO (National Technical Research Organisation), and...